CVE-2020-3679

u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

CVE-2020-11828

In ColorOS oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP, RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the...

CVE-2020-27633

In FNET 4.6.3, TCP ISNs are improperly random...

CVE-2018-9434

In multiple functions of Parcel.cpp, there is a possible way to bypass address space layout randomization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9384

In multiple locations, there is a possible way to bypass KASLR due to an unusual root cause. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2017-8776

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the...

Outsourcing SAT-Based Verification Computations in Network Security

The emergence of cloud computing gives huge impact on large computations. Cloud computing platforms offer servers with large computation power to be available for customers. These servers can be used efficiently to solve problems that are complex by nature, for example, satisfiability SAT problem...

CVE-2025-43551

Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

PT-2025-20751 · Apple · Macos Sonoma +3

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.7.6 macOS Sequoia versions prior to 15.5 macOS Sonoma versions prior to 14.7.6 Description: The issue allows an app to bypass Address Space Layout Randomization ASLR, which is a security feature designed to...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple USA. A security vulnerability exists in Apple macOS that stems from an insufficient check that could cause an application to bypass ASLR...

Enable Kernel ASLR

Address-space layout randomization ASLR randomly arranges the positions of the stack, function libraries, and programs to slightly different positions each time. As a result, the correct positions cannot be guessed, and buffer overflow attacks fail. In the Linux kernel, ASLR is classified into...

Oracle Linux 9 : kernel (ELSA-2025-4341)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-4341 advisory. - nvme-tcp: fix potential memory corruption in nvmetcprecvpdu Chris Leech RHEL-87479 CVE-2025-21927 - ipvs: properly dereference pe in ipvsaddservice...

WordPress plugin Prevent Direct Access 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

Exploit for CVE-2025-3102

CVE-2025-3102 🛠️ SureTriggers Exploit Script Script ini diguna...

CVE-2025-3495

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs CWE-338. An attacker could easily brute force a session ID and load and execute arbitrary code...

CVE-2025-3495 COMMGR - Insufficient Randomization Authentication Bypass

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs CWE-338. An attacker could easily brute force a session ID and load and execute arbitrary code...

CVE-2025-3495

CVE-2025-3495 affects Delta Electronics COMMGR v1 and v2. The root cause is insufficiently randomized session IDs (CWE-338) in COMMGR, allowing brute-force traversal to load and execute arbitrary code. Several connected sources corroborate this issue, including CVE entries and PT Security notes r...

CVE-2025-30303

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...

CVE-2025-27204

After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

CVE-2025-27184

After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...